Nmedia - Fotolia

News Stay informed about the latest enterprise technology news and product updates.

Risk & Repeat: WannaCry ransomware worm shakes tech industry

Listen to this podcast

In this week's Risk & Repeat podcast, SearchSecurity editors look at the devastation caused by the WannaCry ransomware worm and discuss how it could have been prevented.

The ransomware worm known as WannaCry not only left behind a trail of devastation, but also raised pressing questions about software patching and vulnerability disclosure practices.

The ransomware worm took advantage of a flaw in Windows' server message block (SMB) v1, which was revealed in the Shadow Brokers' recent dump of Windows exploits from the National Security Agency (NSA). The flaw, dubbed EternalBlue, was resolved by Microsoft in its March Patch Tuesday -- weeks before the Shadow Brokers released it to the public.

According to a report from The Washington Post, the NSA warned Microsoft about EternalBlue prior to the exploit being made public. In addition, US-CERT issued an urgent security advisory in January about a then-undisclosed flaw in SMB v1, and urged organizations to disable support for the protocol.

Yet, even with the US-CERT warning and the Microsoft patch, many enterprises did not update their systems. As a result, the WannaCry ransomware worm was able to use the SMB flaw to spread quickly throughout organizations. More than 300,000 Windows systems were struck by WannaCry attacks, which crippled many organizations, including several hospitals in the U.K.

So who's to blame for the WannaCry devastation? Should organizations that failed to update Windows or turn off SMB v1 support take the brunt of the blame? Or does the majority fall on the shoulders of the NSA and U.S. government for hoarding vulnerabilities and failing to adequately disclose the Equation Group's cyberweapons?

In this week's Risk & Repeat podcast, editors Rob Wright and Peter Loshin are joined by SearchSecurity Senior Reporter Michael Heller to discuss those questions and more on the topic of the WannaCry ransomware worm and its fallout.

Next Steps

Risk & Repeat: Analyzing President Trump's cybersecurity executive order

Risk & Repeat: Dangerous Windows bug sparks disclosure debate

Risk & Repeat: Symantec strives to restore certificate trust

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

Besides the threat actors behind WannaCry, who shares most of the blame for the attacks?
Cancel

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close